Spotify Community

Hey everyone,

So I was thinking of developing a mobile app that allows users to view their friends' listening activity, similar to the desktop version of Spotify.

However, I’ve come across what seems to be the only way to obtain this information: using “https://guc-spclient.spotify.com/presence-view/v1/buddylist” which I believe is Spotify’s private API. To access this API, a web player access token is required (not a regular API access token).

My question isn’t about how to retrieve this information, but rather whether using this API in a publicly published app would violate Spotify’s Terms of Service.

I’ve seen some people claim that it does, but how do some already published apps on the App Store and Google Play Store get away with this? I’m not sure if naming them would be appropriate (if they’re violating anything, of course I'd share links), but one particular app has a public GitHub repository. When I checked their code, it seems they are using this API by storing the sp_dc cookie on login, obtaining the access token from "https://open.spotify.com/get_access_token?reason=transport&productType=web_player,” and fetching the friends list from the API endpoint mentioned above.

Is this usage technically legal for a publicly shared app, or would it indeed violate Spotify’s ToS?